
Remove Active Directory forest from AADC



I have a single instance of AADC set up that is syncing two separate AD forests into a single tenant.

I would like to remove one of the forests from AADC, but I do not want the cloud users to be deleted. I would like them to be converted to cloud users.

Is there a process for this?

Thank you

2 Replies

Hi @Jason Gaffney 

AFAIK there is no way to prevent the (temporary) deletion of the synced objects when removing an AD forest from AAD Connect configuration.

You can, immediately after the removal, go into deleted users and restore them. At that point they will become cloud users and retain all their data, licenses, etc.

You might also want to check the deleted groups section for any groups that were affected by the AD forest removal.

Also, AAD Connect has a deletion threshold to prevent accidental mass deletions. This is set by default at 500.

To remove this, run Disable-ADSyncExportDeletionThreshold

After you're done, set it again via Enable-ADSyncExportDeletionThreshold -DeletionThreshold 500
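
The sequence described in this reply, as an added PowerShell example that is not part of the original post. It assumes the ADSync module on the AADC server and the Microsoft Graph PowerShell SDK; the UPN suffix, the Graph scope and the manual wizard step are assumptions.

```powershell
# Added example, not from the thread. Assumes the ADSync module (AADC server)
# and the Microsoft.Graph PowerShell SDK are installed.
param(
    [string]$RemovedUpnSuffix = 'removed-forest.example',  # placeholder UPN suffix
    [int]$Threshold = 500                                   # default stated in the reply
)

Import-Module ADSync
Connect-MgGraph -Scopes 'User.ReadWrite.All'   # assumed scope for list + restore

# 1. Lift the export deletion threshold (may prompt for tenant credentials).
Disable-ADSyncExportDeletionThreshold

try {
    # 2. Manual step: remove the forest in the AADC wizard and let the export run.
    Read-Host 'Remove the forest in the AADC wizard, wait for the export, then press Enter'

    # 3. Restore only the soft-deleted users that belong to the removed forest,
    #    so unrelated deletions sitting in the recycle bin are left alone.
    $deleted = @(Get-MgDirectoryDeletedItemAsUser -All |
        Where-Object { $_.UserPrincipalName -like "*@$RemovedUpnSuffix" })

    foreach ($u in $deleted) {
        Restore-MgDirectoryDeletedItem -DirectoryObjectId $u.Id | Out-Null
        Write-Output "Restored $($u.UserPrincipalName) ($($u.Id))"
    }
    Write-Output "Restored $($deleted.Count) user(s)."
}
finally {
    # 4. Re-arm the safety net even if a restore fails part-way.
    Enable-ADSyncExportDeletionThreshold -DeletionThreshold $Threshold
}
```

The `try`/`finally` keeps the window without mass-deletion protection as short as possible. Deleted groups are not handled here and still need the separate check mentioned above.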

@Steve Hernou 



Right, but deletion needs to be avoided as you have to reset passwords upon restoring; that's not a viable solution.


I have found that I was able to accomplish this by disabling ADsync in the tenant. This will convert all accounts to cloud accounts and retain passwords.

Then a clean AADC install on a new machine and soft match the needed accounts.

All accounts and passwords stay intact without anything being deleted :)